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DETAILED ACTION 
Response to Amendment 
1. Claims 9-16 and 18-23 are currently pending in this application. 



Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

3. Claims 9-10, 13-15 and 20 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over U.S. Patent Number 7,007,093 to Spicer et al. in view of U.S. Patent Number 6,457,054 to 
Bakshi et al.. 

4. As to claim 9, Spicer teaches a method of accessing an internal network device on a 
protected network, the network including a security device, the method comprising: storing data 
addressed to the internal network device in an external proxy server (col 4, lines 4-24, the Proxy 
Server 1 14 stores data addressed to the Network Resources 104.); maintaining a proxy agent on 
the protected network, the proxy agent executing the step of: polling the external proxy server for 
data addressed to the internal network device, where polling includes: connecting to the external 
proxy server to check for pending traffic (col. 4, lines 4-24, the Polling Server 1 16 polls the 
Proxy Server 1 14); receiving from the external proxy server when the external proxy server has 
received data from a client (col. 4, lines 4-24, Polling Server receives client request for Network 
Resources 104); forwarding to the internal network device any data on the external proxy server 
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and addressed to the internal network device; and forwarding to the external proxy server any 
data addressed to an external device in communication with the external proxy server (col. 4, 
lines 4-24, the Network Resources 104 are disclosed as being printers and file servers and other 
similar devices which inherently send responses); however Spicer does not explicitly teach the 
external proxy server sending a stream of spurious bytes if there is nothing pending for the 
internal network device. 

Bakshi teaches a method of receiving a stream of spurious bytes from a proxy server if 
there is nothing pending for the network device (col. 3, lines 46-67). 

It would have been obvious to one of ordinary skill in the Computer Networking art at the 
time of the invention to combine the teachings of Spicer regarding communication through a 
private network with the teachings of Bakshi regarding the transmission of spurious bytes 
because spurious bytes keep communication channels open and thus reduce latency that would 
be required to establish a connection (Bakshi, col. 3, lines 46-67). 

5. As to claim 10, Spicer teaches a method of polling the external server at regular intervals 
(col. 4, lines 4-24). 

6. As to claim 13, Bakshi teaches a method of multiplexing multiple requests from the 
proxy agent to proxy server through the same connection (col. 3, line 46-67). 

7. As to claim 14, Spicer teaches a method of maintaining by the proxy server maps 
between local TCP/IP ports of the proxy server and private IP addresses on the protected 
network, the maps being distinguished by an identity of the proxy agent used to access them (col. 
4, lines 4-44). 
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8. As to claim 15, Spicer teaches a method of publishing by each proxy agent a list of 
addresses it can reach to the external proxy server, the external proxy server using this list to 
create a respective map between local ports and proxy agents (col. 4, line 55-col. 5, line 15). 

9. As to claim 20, Spicer teaches a method of providing network administrators control over 
the system including granting administrators the ability to allow and deny entry into the 
protected network on a per session basis (col. 4, line 55-col. 5, line 15). 

10. Claim 1 1-12, 16, 20-21, and 23 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over U.S. Patent Number 7,007,093 to Spicer et al. in view of U.S. Patent Number 6,457,054 to 
Bakshi et al. in further view of U.S. Patent Number 6,510,464 to Grantges Jr. et al.. 

11. As to claim 1 1 , the Spicer-Bakshi combination does not explicitly teach the use of two 
separate protocols to inside and outside the private network. 

Grantges Jr. teaches a method of communicating by an internal network device with a 
proxy using a first network protocol and an external network device communicating with the 
proxy using a second protocol (Figure 7). 

It would have been obvious to one of ordinary skill in the Computer Networking art at the 
time of the invention to combine the teachings of the Spicer-Bakshi combination regarding 
communication to devices on a private network with the teachings of Grantges, Jr. regarding the 
use of different protocols inside and outside of the private network because some connections 
may be required to be secure. 

12. As to claim 12, Grantges Jr. teaches a method wherein data addressed to an internal 
network device using a second network protocol is transmitted to the internal device using the 
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first protocol so that the second protocol is carried to the internal network device inside the first 
network protocol (HTTP traffic is encrypted using HTTPS). 

13. As to claim 16, the Spicer-Bakshi combination does not explicitly teach ensuring cookie 
delivery. 

Grantges, Jr. teaches a proxy server that ensures proper cookie routing (col 11, line 63- 
col. 12, line 10). 

It would have been obvious to one of ordinary skill in the Computer Networking art at the 
time of the invention to combine the teachings of the Spicer-Bakshi combination regarding a 
system for communicating with private network devices with the teachings of Grantges, Jr. 
regarding the routing of cookies because cookies are commonly communicated during HTTP 
communication. 

14. As to claim 18 and 19, they are rejected for the same reason as claims 1 1 and 12. 

15. As to claim 20, Grantges Jr. teaches the use of X.509 certificates (Fig 7). 

16. As to claim 21, the Spicer-Bakshi combination teaches the method of claim 9 however 
the Spicer-Bakshi combination does not explicitly teach rewriting cookies with unique 
identifiers. 

Grantges Jr. teaches rewriting cookies with unique identifiers to prevent inadvertent 
transmission of private information to an incorrect recipient on the protected network (col. 9, line 
54-col. 10, line 5). 

It would have been obvious to one of ordinary skill in the Computer Networking art at the 
time of the invention to combine the teachings of the Spicer-Bakshi combination regarding a 
system for communicating with private network devices with the teachings of Grantges, Jr. 
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regarding the routing of cookies because cookies are commonly communicated during HTTP 
communication. 

17. As to claim 23, the Spicer-Bakshi combination teaches the method of claim 9 however 
the Spicer-Bakshi combination does not explicitly teach granting a key for access. 

Grantges teaches a method wherein access is conferred by granting a key with a 
predetermined life span (col. 7, lines 63-col. 8, line 14). 

It would have been obvious to one of ordinary skill in the Computer Networking art at the 
time of the invention to combine the teachings of the Spicer-Bakshi combination regarding a 
system for communicating with private network devices with the teachings of Grantges, Jr. 
regarding granting a key because keys are commonly used to identify requesters. 

Response to Arguments 

18. Applicant's arguments filed 6/1 5/06 have been fully considered but they are not 
persuasive. The applicant argues that Spicer makes no mention of "the polling server forwarding 
data addressed to an external device to the external proxy server". However, the examiner points 
out that the Network Resources 104 in Figure 1 of Spicer are disclosed as being printers and file 
servers. Most modern printers send their clients status information to show the status of client's 
print job. Likewise it would be pointless to access a file server and not expect a response, for 
example, if a user requested a file, the user would want the requested file returned. The 
applicant's suggestion that Spicer does not allow any responses from the Network Resources to 
the clients using Network Terminals via the Proxy Server completely ignores the purpose of 
Spicer' s invention. 
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19. So looking specifically at Spicer's invention with respect to Figure 1, let's assume that 
the Network Resource 104 is a printer. Network Terminal 200 would submit a print job through 
Communications Network 1 12 to Proxy Server 1 14. The print job would then be retrieved by 
Polling Server 1 16 and sent to Printer Server 1 18 and then sent to the printer (Network Resource 
1 04). The printer would then return the status of the print job through Printer Server 1 1 8 and 
Polling Server 1 16 to the Proxy Server 1 14. Notice Figure 1 shows arrows indicating the 2-way 
communication between the Proxy Server 1 14 and the Polling Server 1 16. 



Conclusion 

20. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 . 136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 . 136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

21. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Douglas B. Blair whose telephone number is 571-272-3893. The 
examiner can normally be reached on 8:30am-5pm Mon-Fri. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Andrew Caldwell can be reached on 571-272-3868. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Douglas Blair 





